Item Search

NameAudit NamePluginCategory
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

2.4 Configure TCP Wrappers - Allow localhost.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Deny access to this server from all networksCIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - enable tcp_wrappers for inetdCIS Solaris 10 L1 v5.2Unix
2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND INFORMATION INTEGRITY

4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlogCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Debug Level Daemon Logging/4.4 Capture syslog AUTH Messages - Check if svc:/system/system-log is onlineCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlogCIS Solaris 10 L1 v5.2Unix
6.1.1 Configure SSH - Check if Host * is set in /etc/ssh/ssh_config.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.9 Harden host operating systemCIS Sybase 15.0 L1 DB v1.1.0SybaseDB
7.2 Set Password Expiration Parameters on Active Accounts - Check MAXWEEKS is set to 13CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Password Expiration Parameters on Active Accounts - Check MINWEEKS is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Password Expiration Parameters on Active Accounts - Check WARNWEEKS is set to 4CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check DICTIONDBDIR is set to /var/passwdCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/wordsCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINUPPER is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check PASSLENGTH is set to 8CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINALPHA is set to 2CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - WHITESPACE is set to YESCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.9 Lock Inactive User Accounts - Check if definact is set to 35.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - CDE package was not foundCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is not set to default string.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

18.3.2 (L1) Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.3.2 Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.3.2 Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.3.4 Ensure 'Configure SMB v1 server' is set to 'Disabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.4.2 (L1) Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI'CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DCWindows
CIS_Microsoft_Intune_for_Windows_10_v3.0.1_L1.audit from CIS Microsoft Intune for Windows 10 Benchmark v3.0.1CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows
CIS_Microsoft_Intune_for_Windows_10_v3.0.1_L2.audit from CIS Microsoft Intune for Windows 10 Benchmark v3.0.1CIS Microsoft Intune for Windows 10 v3.0.1 L2Windows
CIS_Microsoft_Intune_for_Windows_11_v3.0.1_L1.audit from CIS Microsoft Intune for Windows 11 Benchmark v3.0.1CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows
CIS_Microsoft_Intune_for_Windows_11_v3.0.1_L2.audit from CIS Microsoft Intune for Windows 11 Benchmark v3.0.1CIS Microsoft Intune for Windows 11 v3.0.1 L2Windows
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L1_BL_NG.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L1_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L2_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows
CIS_Microsoft_Windows_11_Stand-alone_v3.0.0_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows
CIS_Microsoft_Windows_11_Stand-alone_v3.0.0_L1_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows
CIS_Microsoft_Windows_11_Stand-alone_v3.0.0_L2_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v3.0.0CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BLWindows
CIS_Microsoft_Windows_Server_2019_Stand-alone_v2.0.0_L1_MS.audit from CIS Microsoft Windows Server 2019 Stand-alone v2.0.0CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows
CIS_Microsoft_Windows_Server_2019_Stand-alone_v2.0.0_L2_MS.audit from CIS Microsoft Windows Server 2019 Stand-alone v2.0.0CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MSWindows